Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 4.6

    MEDIUM
    CVE-2005-1887

    Unknown vulnerability in the Sun Solaris C library (libc and libproject) in Solaris 10 allows local users to gain privileges.... Read more

    Affected Products : solaris
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1895

    Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php.... Read more

    Affected Products : flatnuke
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1882

    PHP remote file inclusion vulnerability in last_gallery.php in YaPiG 0.93u and 0.94u allows remote attackers to execute arbitrary PHP code via the YAPIG_PATH parameter.... Read more

    Affected Products : yapig
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.2

    HIGH
    CVE-2005-1905

    The klif.sys driver in Kaspersky Labs Anti-Virus 5.0.227, 5.0.228, and 5.0.335 on Windows 2000 allows local users to gain privileges by modifying certain critical code addresses that are later accessed by privileged programs.... Read more

    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1904

    SQL injection vulnerability in login.asp in JiRo's Upload System (JUS) 1 allows remote attackers to execute arbitrary SQL commands via the password parameter.... Read more

    Affected Products : jiro_upload_system
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1899

    Rakkarsoft RakNet network library 2.33 and earlier, when released before 30 May 2005, and as used in multiple products including nFusion Elite Warriors: Vietnam, allows remote attackers to cause a denial of service (infinite loop) via a zero-byte UDP pack... Read more

    Affected Products : raknet
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 3.6

    LOW
    CVE-2005-1902

    Directory traversal vulnerability in the IMAP service for SPA-PRO Mail @Solomon 4.00 allows remote authenticated users to read other users' mail and perform operations on arbitrary directories via .. sequences in the (1) SELECT, (2) CREATE, (3) DELETE, an... Read more

    Affected Products : spa-pro_mail_atsolomon
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1964

    PHP remote file inclusion vulnerability in utilit.php for Ovidentia Portal allows remote attackers to execute arbitrary PHP code via the babInstallPath parameter.... Read more

    Affected Products : ovidentia
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1911

    The fetchnews NNTP client in leafnode 1.11.2 and earlier can hang while waiting for input that never arrives, which allows remote NNTP servers to cause a denial of service (news loss).... Read more

    Affected Products : leafnode
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 6.4

    MEDIUM
    CVE-2005-1884

    Directory traversal vulnerability in the (1) rmdir or (2) mkdir commands in upload.php in YaPiG 0.92b, 0.93u and 0.94u allows remote attackers to create or delete arbitrary directories via a .. (dot dot) in the dir parameter.... Read more

    Affected Products : yapig
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2005-1874

    Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive.... Read more

    Affected Products : dzip
    • Published: Jun. 09, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1968

    Cross-site scripting (XSS) vulnerability in ProductCart Ecommerce before 2.7 allows remote attackers to inject arbitrary web script or HTML via the error parameter to techErr.asp.... Read more

    Affected Products : productcart
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2005-1941

    SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code.... Read more

    Affected Products : silvercity
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2005-0756

    ptrace in Linux kernel 2.6.8.1 does not properly verify addresses on the amd64 platform, which allows local users to cause a denial of service (kernel crash).... Read more

    Affected Products : linux_kernel
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1723

    LaunchServices in Apple Mac OS X 10.4.x up to 10.4.1 does not properly mark file extensions and MIME types as unsafe if an Apple Uniform Type Identifier (UTI) is not created when the type is added to the database of unsafe types, which could allow attacke... Read more

    Affected Products : mac_os_x_server
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 4.6

    MEDIUM
    CVE-2005-1728

    MCX Client for Apple Mac OS X 10.4.x up to 10.4.1 insecurely logs Portable Home Directory credentials, which allows local users to obtain the credentials.... Read more

    Affected Products : mac_os_x
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1758

    Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.... Read more

    Affected Products : netmail
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1943

    Multiple SQL injection vulnerabilities in Loki download manager 2.0 allow remote attackers to execute arbitrary SQL commands via the (1) password field to default.asp or (2) cat parameter to catinfo.asp.... Read more

    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2005-1756

    Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.... Read more

    Affected Products : netmail
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2005-1757

    Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.... Read more

    Affected Products : netmail
    • Published: Jun. 08, 2005
    • Modified: Apr. 03, 2025
Showing 20 of 293338 Results